package com.gxa.web_admin.controller;
import com.alibaba.fastjson.JSONObject;
import com.gxa.common.vo.R;
import com.gxa.common.vo.RLogin;
import com.gxa.component.jwt.JwtUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.bind.annotation.*;


import javax.servlet.http.HttpServletResponse;
import java.util.UUID;
import java.util.concurrent.TimeUnit;

@RestController

public class LoginController {

    @Autowired
    private RedisTemplate redisTemplate;

    @PostMapping ("/login")

    public RLogin login(String username, String password, HttpServletResponse response){
        RLogin r = new RLogin();
        Subject subject = SecurityUtils.getSubject();
        System.out.println(subject);
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username,password);
        subject.login(usernamePasswordToken);
        r.setCode(200);
        r.setMsg("登录成功！");

        //1.登录成功后，后端生成token令牌。
        String authorization =  JwtUtils.createJwt(UUID.randomUUID().toString(),JwtUtils.ISS, JSONObject.toJSONString(usernamePasswordToken),JwtUtils.TTMILLIS);
        response.setHeader("Access-Control-Expose-Headers","Authorization");
        //2.通过响应头返回给前端
        response.setHeader("Authorization",authorization);
        r.getAuthorization();
        /**
         * 在SSM项目阶段，token还有小问题：
         *    1. token续签问题
         *    2. 单点登录问题
         *    3. 重复提交....
         *  以上问题，可以通过redis解决。
         */
        redisTemplate.opsForValue().set(authorization,JSONObject.toJSONString(usernamePasswordToken),7200, TimeUnit.SECONDS);
        return r;
    }

    @ExceptionHandler(UnknownAccountException.class)
    @ResponseBody
    public R unknownAccountException(){
        R r = new R();
        r.setCode(500);
        r.setMsg("账户或密码有误");
        return r;
    }

    @ExceptionHandler(IncorrectCredentialsException.class)
    @ResponseBody
    public R incorrectCredentialsException(){
        R r = new R();
        r.setCode(500);
        r.setMsg("账户或密码有误");
        return r;
    }

    @ExceptionHandler(LockedAccountException.class)
    @ResponseBody
    public R lockedAccountException(){
        R r = new R();
        r.setCode(500);
        r.setMsg("账号被锁");
        return r;
    }

    @ExceptionHandler(AuthenticationException.class)
    @ResponseBody
    public R authenticationException(){
        R r = new R();
        r.setCode(500);
        r.setMsg("认证错误");
        return r;
    }
    @RequestMapping(value = "/logout",method = RequestMethod.POST)
    @ResponseBody
    public R logout(){//shiro退出
        R r = new R();
        System.out.println("====logout====");
        Subject subject =  SecurityUtils.getSubject();
        subject.logout();
        System.out.println("====logout====");
        r.setCode(200);
        r.setMsg("退出登录");
        return r;
    }
    @RequestMapping("/msg/loginUrl")
    @ResponseBody
    public  R loginurl(){
        R r = new R();
        r.setCode(500);
        r.setMsg("您还未登录");
        return r;
    }
    @RequestMapping("/msg/unauthorized")
    @ResponseBody
    public  R unauthorized() {
        R r = new R();
        r.setCode(500);
        r.setMsg("不具备访问权限");
        return r;
    }
}
